CASIA OpenIR  > 模式识别国家重点实验室  > 模式分析与学习
Combating phishing attacks via brand identity and authorization features
Geng, Guanggang1; Lee, Xiao-Dong1; Zhang, Yan-Ming2
Phishing, also called brand spoofing, has become the most troubling scam on the Internet, which seriously threatens the
Web security. The essence of phish is that “robbers” use false sites, which look like a trustworthy brand site, where favicon,
logo and copyright notice are important brand identities. We analyzed 78-day phishing data of PhishTank and Anti-Phishing
Working Group (APWG). The statistics show that more than 98.93% phishing sites contain at least one brand entity—
favicon, logo or copyright notice. Indeed, only a few lowest-quality phishing campaigns do not use such brand elements.
Obviously, brand entities are powerful weapons of phishers to trick users. By analyzing the characteristics of brand entities
in phishing sites, several brand identity features are extracted. However, only brand entities do not consider whether the
Web page with brand entities belongs to the corresponding brand or has an authorization to use the brand entities. To
solve this problem, redirection, incoming links and Domain Name System (DNS) information-based brand authorization
features are further extracted to discriminate the sites with branding rights from phishing sites. Based on extracted features,
statistical anti-phishing classification models are trained. We collected a diverse spectrum of corpora containing 3863
phishing cases from PhishTank and APWG, and 17 571 legitimate samples from DMOZ, Google and DNS resolution
log. Experimental evaluations show that the model achieves 98.8% true positive rate and 0.09% false positive rate, which
demonstrates the competitive performances of extracted features for statistical anti-phishing in practice.
KeywordBrand Identity Recognition
Indexed BySCI
WOS IDWOS:000351877000002
Citation statistics
Cited Times:2[WOS]   [WOS Record]     [Related Records in WOS]
Document Type期刊论文
Affiliation1.Computer Network Information Center, Chinese Academy of Sciences
2.National Laboratory of Pattern Recognition, Institute of Automation
Recommended Citation
GB/T 7714
Geng, Guanggang,Lee, Xiao-Dong,Zhang, Yan-Ming. Combating phishing attacks via brand identity and authorization features[J]. SECURITY AND COMMUNICATION NETWORKS,2014,8(6):888-898.
APA Geng, Guanggang,Lee, Xiao-Dong,&Zhang, Yan-Ming.(2014).Combating phishing attacks via brand identity and authorization features.SECURITY AND COMMUNICATION NETWORKS,8(6),888-898.
MLA Geng, Guanggang,et al."Combating phishing attacks via brand identity and authorization features".SECURITY AND COMMUNICATION NETWORKS 8.6(2014):888-898.
Files in This Item: Download All
File Name/Size DocType Version Access License
geng2015combating.pd(1133KB)期刊论文作者接受稿开放获取CC BY-NC-SAView Download
Related Services
Recommend this item
Usage statistics
Export to Endnote
Google Scholar
Similar articles in Google Scholar
[Geng, Guanggang]'s Articles
[Lee, Xiao-Dong]'s Articles
[Zhang, Yan-Ming]'s Articles
Baidu academic
Similar articles in Baidu academic
[Geng, Guanggang]'s Articles
[Lee, Xiao-Dong]'s Articles
[Zhang, Yan-Ming]'s Articles
Bing Scholar
Similar articles in Bing Scholar
[Geng, Guanggang]'s Articles
[Lee, Xiao-Dong]'s Articles
[Zhang, Yan-Ming]'s Articles
Terms of Use
No data!
Social Bookmark/Share
File name: geng2015combating.pdf
Format: Adobe PDF
All comments (0)
No comment.

Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.